US indicts 13 Anonymous members for DDoS attacks

The U.S. has brought criminal charges against 13 persons, said to be members of the hacker group Anonymous, for their alleged participation in cyberattacks as part of a campaign called Operation Payback.

The defendants and other members of Anonymous allegedly launched or attempted to launch cyberattacks against government entities, trade associations, individuals, law firms and financial institutions, according to a federal grand jury indictment released Thursday in the U.S. District Court for the Eastern District of Virginia, Alexandria division.

Among the organizations targeted were the Recording Industry Association of America, the Motion Picture Association of America, the United States Copyright Office of the Library of Congress, Visa, MasterCard, and Bank of America.

The method of attack was DDoS (distributed denial of service) which floods web sites with spurious Internet traffic so that they become unavailable, and the weapon of choice was the freely-available and downloadable network stress testing program known as the Low Orbit Ion Cannon or LOIC, according to the indictment.

The 13 persons have been charged with one count of "conspiracy to intentionally cause damage to a protected computer" from about Sept. 16, 2010 to at least Jan. 2, 2011. All are from the U.S. and in their 20s with the exception of Geoffrey Kenneth Commander, a 65-year-old man from Hancock, New Hampshire, and Dennis Owen Collins, a man from Toledo, Ohio born in 1960.

Members of Anonymous launched Operation Payback on about September 2010 to retaliate against the discontinuation of The Pirate Bay, a controversial file-sharing website in Sweden, according to the indictment.

On December 4, 2010, Operation Payback planned DDoS attacks on the websites of entities that were either critical of whistle-blower website WikiLeaks or had refused to process payments for WikiLeaks, including Amazon and U.S. Senator Joseph Lieberman.

The hacker group thereafter launched attacks on the website of PostFinance, a Swiss payments, e-finance, and electronic account management organization, the Swedish prosecutor's office and a Swedish law firm. This was followed by an attack on the website of MasterCard, which cost the payment firm at least US$5,000 in losses during a one-year period, according to the indictment.

Anonymous has attacked sites in the U.S. and abroad for a number of ideological reasons ranging from censorship of the Internet, the takedown of file-sharing site Megaupload, and Israel military action against Hamas.

John Ribeiro covers outsourcing and general technology breaking news from India for The IDG News Service. Follow John on Twitter at @Johnribeiro. John's e-mail address is john_ribeiro@idg.com

Cyber resilience will be particularly important as Australian organisations face increased pressure to quickly detect, respond to, and manage the repercussions of breaches in the wake of 2018’s Notifiable Data Breaches (NDB) scheme.

Copyright 2018 IDG Communications. ABN 14 001 592 650. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of IDG Communications is prohibited.